AN EXTENDED ROLE-BASED ACCESS CONTROL FOR WEB SERVICES
Yi-qun Zhu, Jian-hua Li, Quan-hai Zhang
2006
Abstract
A key challenge in Web services security is the design of effective access control schemes that can adequately satisfy Web services security requirements. Despite the recent advances in Web based access control, there remain issues that impede the development of effective access control models for Web services environments. One of them is the lacks of dynamic role management and attributes access control for Web services. In this paper, we present a dynamic attribute-based role-based access control model (DARBAC) to address the issues. The proposed approach introduces authorization group, which is used to dynamically manages roles and privileges, and attribute based access control mechanism which is used to protect the services and services parameters. We outline the configuration mechanism needed to apply our model to the Web services environments.
DownloadPaper Citation
in Harvard Style
Zhu Y., Li J. and Zhang Q. (2006). AN EXTENDED ROLE-BASED ACCESS CONTROL FOR WEB SERVICES . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006) ISBN 978-972-8865-63-4, pages 471-474. DOI: 10.5220/0002100404710474
in Bibtex Style
@conference{secrypt06,
author={Yi-qun Zhu and Jian-hua Li and Quan-hai Zhang},
title={AN EXTENDED ROLE-BASED ACCESS CONTROL FOR WEB SERVICES},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)},
year={2006},
pages={471-474},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002100404710474},
isbn={978-972-8865-63-4},
}
in EndNote Style
TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)
TI - AN EXTENDED ROLE-BASED ACCESS CONTROL FOR WEB SERVICES
SN - 978-972-8865-63-4
AU - Zhu Y.
AU - Li J.
AU - Zhang Q.
PY - 2006
SP - 471
EP - 474
DO - 10.5220/0002100404710474